DriveCrypt 1344-Bit - Disk Encryption

DRIVECRYPT securely and easily protects all proprietary data on notebooks and desktop computers 100% of the time without users having to think about security. Any organization, from a small company to a large international firm with thousands of users in the field, can effectively protect business plans, client lists, product specifications, confidential corporate memos, stock information, and much more with this disk encryption product.

As data is read from the hard disk, DRIVECRYPT automatically decrypts the data before it is loaded into memory. When data is written back to the hard disk, it is automatically re-encrypted. The disk encryption/decryption process is completely transparent to the user or any application program because the data is processed by an operating system extension, "on the fly" as it transfers back and forth between the hard disk and memory. Consequently, users don't need to remember to decrypt or re-encrypt their data, or change the normal operation of the PC. In addition, only individual files are decrypted at any one time, not the whole hard disk.

DriveCrypt main features

1. Strong Cryptography

1344 Bit Military Strength disk encryption using the best and most proven cryptographic algorithms such as AES, Blowfish, Tea 16, Tea 32, Des, Triple Des, Misty 1 and Square.

2. Easy to Install, Deploy & Use

DRIVECRYPT data encryption software requires minimal administration and user training. Disk encryption is completely transparent, requiring no change in the way users work with the computer.

3. Maximize Your Security, Minimize Your Risk

DRIVECRYPT protects your data with very fast and a true "on the fly" disk encryption process. Some other products that claim to be "on the fly" decrypt an entire file and load it into memory, creating significant security risks. DriveCrypt file encryption software is smarter and more secure because it decrypts only the specific portion of a file that is in use. Unprotected data never resides on a DriveCrypt encrypted hard drive.

4. Disk Partition and file volume encryption

DRIVECRYPT allows both, the encryption of an entire Hard Disk partition, as well as the creation of a virtual container file that will store all the encrypted information.

5. Invisible Containers

The DriveCrypt Standard edition has the ability to create an INVISIBLE disk INSIDE a container or partition. This way you define two passwords for a container. The invisible disks password gives you access to your working disk, which is hidden in the unused area of your "outer" disk, while another password gives you access to the pre-setup DriveCrypt volume in which you only store data that you would want others to believe is the only data in the container or partition. This is very useful in cases where adversaries may force you to reveal the DriveCrypt disk's password: By revealing the password of the first or "outer" disk, the adversary will ONLY see the "prepared data": IE data you put in there, before creating the hidden disk, while he will not be able to see or get evidence that there is another invisible container that securely stores confidential data on the disk.

6. Hide data into music files

Using special so called "Steganographic" functionalities, DRIVECRYPT allows you to hide all your sensitive information into music files. Just authorized users will be able to access secret information, anyone else will only find harmless music on the computer…

7. Easily encrypts Pen-Drives and USB disks on a container or partition level.

With the HOT Disk option, DriveCrypt can also optionally automatically request the users authentication data as soon as the USB device is inserted. When the USB disk is removed from the computer, all the data are automatically inaccessible to unauthorized persons.

DRIVECRYPT integrates special functions that prevent passwords from being sniffed by hackers or trojan horses such as Back Orifice, SubSeven etc...

10. No-Evidence Encryption

DRIVECRYPT container files do not have any file header that indicates it is a DriveCrypt encrypted file. Therefore, without knowing the right passphrase, it is impossible to prove that a large container file on the computer is a DriveCrypt virtual disk container.

11. Administrator Password Control (keyfiles)

DRIVECRYPT allows system Administrators to assign different passwords to different users.

12. Anti Dictionary or Brute Force Attack mechanism

DRIVECRYPT makes Dictionary or Brute Force attacks against encrypted volumes much harder than any of the actual competitor products by dramatically slowing down these processes.

13. Easy and fast hotkey control

DRIVECRYPT allows the most used commands like mount or dismount encrypted volumes… to be rapidly accessed through Hotkeys and/or the toolbar.

14. Second User Access

DRIVECRYPT allows the creation of a master password, as well as different lower rights second user passwords (keyfiles).

15. Forgotten user password recovery

DRIVECRYPT allows administrators using the master password, to access an encrypted disk even if the user has forgotten his user password. This ensures that a company can restore a user password if forgotten. DriveCrypt prevents loss of valuable data from user's workstations and notebooks by allowing three methods of encrypted data access: the Master Password, the user password (keyfile) and/or hardware device access such as optional fingerprint/Smartcard Readers or USB Token devices.

16. Eliminate the Danger Of Unattended Computers

DRIVECRYPT provides an automatic and/or manual lock-out feature that locks out the user's console and displays a password-protected screen saver. This lock-out functionality can be activated manually or automatically after a specified period of computer inactivity. The computer remains secure even when left unattended. To restore the screen and unlock the keyboard, the password for the current user or Master Password must be entered.

17. Secure Disk Deletion (Disk Wiping)

DRIVECRYPT allows you to wipe the free space on a disk. This ensures that deleted files will never be recovered by special disk tools.

18. Encrypted Volume Resizing (DriveCrypt Standard edition)

An Encrypted Volume may, with time, become too small or too big, for the amount of data it has to contain. Therefore, DriveCrypt offers you a Volume-Resize functionality. This will allow you to easily adapt a volume to your needs at any time, and optimise the Hard Disk space.

DRIVECRYPT works on any kind of Hard Disk, and removable medium such as Floppy-, Zip-, Jazz-, Sygate-, CD-Rom, DVD- Drives etc… and manages up to 16 TERABYTES of encrypted data (Standard edition) or 4 GB (Home Edition)

21. Installation is Easy and Safe

The installation is easy and fast. During installation, the administrator simply selects the drives to be encrypted, the encryption method he would like to use and the master password. DRIVECRYPT will then make the rest and crypt the selected disks.

22. Encrypted Data is Easily Recovered

If a user leaves the organization, the encrypted data on the PC is easily recovered and restored to a decrypted state by the administrator using the Master Password or the Local Administrator Password.

23. No Backdoors present

DriveCrypt does NOT include any backdoor. Encrypted data are only accessible by the legitimate users. Neither the vendor nor any other entities are able to break DriveCrypt disk encryption.

FAQ

Show all...

Q: Has the DriveCrypt encryption ever been broken/hacked ? A: No! In the past, we have also launched several contests offering up to 100,000 US$ for the first person able to open a DriveCrypt encrypted disk Nobody succeeded! (See our press section for more details)

Q: We are from the "Police" "Tax authority" "Security Company". and are investigating on someone whose computer is protected with your DriveCrypt software. Since we were not able to break into the protected computer ourselves, could you please assist us getting access to the encrypted data ? If requested, we can provide you with a court order. A: Sorry, but our software has been designed to be the most secure in the industry, and as such not even our programmers are able to break into a DriveCrypt encrypted computer. The only way to get access to the protected data is by entering the correct password known only by the legitimate user.

Q: Is there a back door in your software ? A: No. There is no back door in our software, and there is no point in making one as we might risk losing the good reputation of our products. Besides this, today there is no law in Germany that can force us to make one in our software.

Q: Have you ever been asked by any government to add a "back door" to your software ? Is there any law anywhere, which has forced you to include any kind of back door, so, any authority can read the encrypted files? A: We have never been asked by any government to add a back door into our software, and we have no interest in making one. In any case, no country in the world, other than Germany (where SecurStar is incorporated), can force us to put a back door in our software. Please note that we incorporated SecurStar in Germany, because Germany is one of the few governments in the world that actively promotes strong cryptography while other countries are more restrictive on this subject matter. If laws in Germany should change in the future, we are prepared to move the company accordingly.

Q: Is the source code of your software available ? A: With our former products Scramdisk and E4M we had a long tradition of open source software. With these products, millions of people all over the world could verify the software security and review how the encryption functions. Unfortunately our competitors had nothing better to do but to steal our source code to add routines and functionalities to their (closed source) products. Some also just cloned our software and only changed the user interface. Since we want to avoid spending a tremendous amount of money and time in research and development to see competitors stealing our work, we decided to release the source code only to selected customers after they placed a substantial order and signed a non-disclosure agreement. We are open to other ways of releasing the source code to the public, but need to find a solution that can also protect our interests. One idea we had was to release a basic version of our software together with its source code. This way, the most paranoid can use that software to encrypt/decrypt the data. Please let us know if this would be acceptable for you, or if you have any other interesting idea that covers the above problematic. We would be more than happy to listen to you. Please write to contact@securstar.de

Q: Is DriveCrypt Windows 8 compatible ? A: YES, DriveCrypt is Windows 8 compatible ! We suggest that all our customers should upgrade their program regardless of the Operating System in use, as further enhancements have been made in the latest version.

Q: What are the advantages of DriveCrypt over its predecessor products ScramDisk and E4M ? There are large numbers of new features we believe we have the most feature rich disk encryption product available, here are some of the exciting new features

- Increased security through the implementation of 1344 bit encryption and SHA 256 - Handles up to 16 terabytes of encrypted data - Hotkey support (fast mount/dismount all your disks) - Lockout console to protect your machine when you leave it alone - Resizable encrypted volumes - Red Screen Password - State of the art steganography (files can be hidden into music files) - Optional registry changes to make file associations - Hardware Support (USB token and SmartCards) - Unified "InstallShield" style installation procedure. - Fragmentation problem on Win9x version largely solved. - Network support - Works on Windows 95/98/ME/NT/2000 and Windows XP - And much more

Q: Is it possible to stop our employees encrypting data if they have not given access to our administrator, or to management ? A: Yes, during the installation of DriveCrypt on a Windows NT 4/ 2000 /XP machine, you have the possibility to choose that all new containers must be created by the system administrator. To make sure that users do not install containers created on other machines, you can also force users to mount encrypted containers only through KeyFiles which you retain control over.

Q: Can i expand a container if mounted as a invisible disk ? A: NO. If would create a new container which has no longer invisible containers, and overwrite the "main" part of it.

Q: What is the minimum size of a container, in order to be able to add an invisible disk ? A: Disks less than 3 MB in size cannot have"invisible" parts.

Q: How do I delete my unwanted ''.DRC'' container file ? A: Go to options and CHECK [x] Disable DRC FILE DELETE protection, Delete the container file, and empty your recycle bin straight away if you are using one. You could also rename the extension from ''.DRC'' (to say ''.DEL'') and then just delete it.

Q: How do I dismount individual DriveCrypt containers ? A: Click on a mounted DriveCrypt icon with the right mouse button and select ''Dismount'' from the context menu. Note that there are also other useful options available from this menu.

Q: Can I create DriveCrypt containers less than 1 Mbyte in size ? A: Yes. You can now specify containers in Kbytes from 250K upwards.

Q: Can I ''defrag'' or ''Scandisk'' my DriveCrypt containers ? A: Yes

Q: Can I create DriveCrypt containers without the wizard ? A: No, on this version you must use the wizard to create new DriveCrypt containers.

Q: What is the default password for the local console Lock-Out screen ? A: For old versions (before version 3.01a) the Default password is: securstar. For newer versions there is no defauld password. Please make sure that you change this password, as soon as possible.

Q: Why all that mouse waddling/button clicking when I'm creating DriveCrypt containers ? A: DriveCrypt needs lots of random numbers, and this is the best way to get them.

Q: What is the maximum size DriveCrypt container I can make ? A: Files on Windows 95/98 can be no more than 4 GigaBytes and so file based DriveCrypt containers can be no larger than this. Dedicated Partitions can be up to 2047 GigaBytes in size. On Windows XP/7/8, file containers can have a maximal size of 16TB (about 16,000 GB), while partitions have no maximal size and can be as big as the size of the disk.

Q: Does DriveCrypt work on Windows 8.1 ? A: Yes. See the answer above about Windows 8.

Q: How do I mount containers after creating them ? A: There are three ways to do this: 1) Use the menu file mount container option 2) Drag the container file to the DriveCrypt window 3) Create an association with DriveCrypt for the DRC file (Always open with and you can then simply double click on the container file

Q: Why is my .WAV audio file not suitable for DriveCrypt''s steganography feature ? A: DriveCrypt needs 16 bit stereo .WAV files. Suitable files can be created with programs such as ''WinDac'' or ''Cool Edit''. Do not use wav files with pure silence at the beginning of the music file.

Q: Can I store DriveCrypt volumes on recordable CD disks and CD-RW disks ? A: Yes you can. Create the container file on your hard drive, and burn it onto the CD Please note that in all cases (even on CD-RW) the DriveCrypt volumes will be read only.

Q: Can I store my containers on DVD RAM disks ? A: Yes you can. Please note that the DVD RAM disk has to be formatted as UDF rather than FAT16, and you may need to use the UDF filesystem that came with your drive. DriveCrypt containers on this optical media will be seen as normal read write disks.

Q: What about Zip and Jaz disks ? A: You can store your containers on these disks. You can also use partitions on them.

Q: What does ''brutal dismount'' mean ? A: Brutal dismount allows DriveCrypt containers to be dismounted even when programs have files open on them. This option is really only there for emergency use as Windows may crash with a blue screen message when using this option.

Q: Does this version of DriveCrypt still have ''backup'' key data information ? A: Yes but it is encrypted more than once, to prevent automatic identification of DriveCrypt container files. Utilities are now built in to use this backup data. Changing passwords will convert the format of your old containers to this new specification automatically.

Q: What is the new ''traveller mode'' which can be installed ? A: Traveller mode, is a way of installing DriveCrypt so you can access containers without having to permanently install DriveCrypt on the relevant Windows system. Dedicated hard disk partitions need DriveCrypt to be fully installed to be accessed on Windows 95/98. Traveller mode installs only onto removable media such as floppy disks etc.

Q: Can I mount a DriveCrypt volume over a network ? A: Yes.

Q: Couldn't I just use Microsoft's new EFS filesystem in Windows ? A: Yes, but remember the encryption is limited by U.S export regulations to weak encryption only; and it is not complete drive encryption, it's transparent directory or file encryption, plus you can't use it with any other operating system.

Q: Microsoft uses "public key cryptography" in EFS to protect my keys, isn't this stronger encryption than what is available in DriveCrypt ? A: No, in this case it''s a different way of protecting the actual directory/file encryption keys.

Q: Isn't encryption/steganography illegal ? A: Maybe, it depends on where in the world you live, please check your own laws and regulations before using DriveCrypt.